Setup s705 with activated FreePBX does nothing


(Felotus) #1

I’m following this youtube tutorial: youtube.com/watch?v=4CsbfRTK5TI

I have a working FreePBX installation and have installed the following:

  • on FreePBX, I have added the MAC address of my s705 to an extension through the Endpoint Manager.
  • on Sangoma Portal, I have added the same mac address by claiming a phone and set “Redirection Type”: “Deployment” with the only deployment that I have in my sangoma portal account.

In the video, once that the phone is turned on, it automatically finds the PBX and provisions itself, but when I tried to do it, it didn’t do anything, it just boots and isn’t provisioned.

How can I debug this? Am I missing a step?


(Lorne Gaetz) #2

When redirecting to ‘Deployment’ you must fill out all the fields in the ‘Phones’ tab when you edit the deployment.


(Felotus) #4

This is what my “Phones” tab look like on Sangoma platform and it matches the data present in my FreePBX:


(Itzik) #5

Did you forward the necessary ports?


(Felotus) #6

What do you mean? Firewall-speaking ?


(Itzik) #7

Yes .


(Felotus) #8

It’s a turn-key setup from OPL which is a Sangoma approved provider so I’m assuming all the ports are forwarded the way they should and the firewall is setup the way it should.


#9

Always loving “assume” when used in any context.

Please add proof . . .


(Felotus) #10

Excuse my ignorance, what command should I run to ensure ports are forwarded as expected?


#11

iptables -L


(Felotus) #12

Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-recidive all – anywhere anywhere
fail2ban-SIP all – anywhere anywhere
fail2ban-SSH tcp – anywhere anywhere multiport dports ssh
fpbxfirewall all – anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-SIP (1 references)
target prot opt source destination
RETURN all – anywhere anywhere

Chain fail2ban-SSH (1 references)
target prot opt source destination
RETURN all – anywhere anywhere

Chain fail2ban-recidive (1 references)
target prot opt source destination
REJECT all – 77.247.110.89 anywhere reject-with icmp-port-unreachable
REJECT all – ns3022515.ip-178-33-231.eu anywhere reject-with icmp-port-unreachable
REJECT all – 195-154-28-205.rev.poneytelecom.eu anywhere reject-with icmp-port-unreachable
REJECT all – 151.106.59.214 anywhere reject-with icmp-port-unreachable
REJECT all – 195-154-29-10.rev.poneytelecom.eu anywhere reject-with icmp-port-unreachable
RETURN all – anywhere anywhere

Chain fpbx-rtp (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpts:ndmp:dnp
ACCEPT udp – anywhere anywhere udp dpts:terabase:hfcs-manager

Chain fpbxattacker (6 references)
target prot opt source destination
all – anywhere anywhere recent: SET name: ATTACKER side: source mask: 255.255.255.255
DROP all – anywhere anywhere

Chain fpbxblacklist (1 references)
target prot opt source destination

Chain fpbxfirewall (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere
ACCEPT tcp – anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp – anywhere anywhere
ACCEPT all – anywhere 255.255.255.255
ACCEPT all – anywhere anywhere PKTTYPE = multicast
ACCEPT udp – anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc
fpbx-rtp all – anywhere anywhere
fpbxblacklist all – anywhere anywhere
fpbxsignalling all – anywhere anywhere
fpbxsmarthosts all – anywhere anywhere
fpbxregistrations all – anywhere anywhere
fpbxnets all – anywhere anywhere
fpbxhosts all – anywhere anywhere
fpbxinterfaces all – anywhere anywhere
fpbxreject all – anywhere anywhere
fpbxrfw all – anywhere anywhere mark match 0x2/0x2
ACCEPT udp – anywhere anywhere state RELATED,ESTABLISHED
fpbxlogdrop all – anywhere anywhere

Chain fpbxhosts (1 references)
target prot opt source destination
zone-trusted all – localhost anywhere
zone-trusted all – pbx-004 anywhere

Chain fpbxinterfaces (1 references)
target prot opt source destination
zone-external all – anywhere anywhere

Chain fpbxknownreg (0 references)
target prot opt source destination
all – anywhere anywhere recent: REMOVE name: REPEAT side: source mask:255.255.255.255
all – anywhere anywhere recent: REMOVE name: ATTACKER side: source mask: 255.255.255.255
MARK all – anywhere anywhere MARK or 0x4
ACCEPT all – anywhere anywhere mark match 0x1/0x1
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-restapps all – anywhere anywhere
fpbxsvc-restapps_ssl all – anywhere anywhere
fpbxsvc-provis all – anywhere anywhere
fpbxsvc-provis_ssl all – anywhere anywhere

Chain fpbxlogdrop (1 references)
target prot opt source destination
DROP all – anywhere anywhere

Chain fpbxnets (1 references)
target prot opt source destination
zone-trusted all – 26.ip-79-137-39.eu anywhere
zone-trusted all – 0.ip-79-137-39.eu/24 anywhere

Chain fpbxratelimit (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere mark match 0x4/0x4
ACCEPT all – anywhere anywhere recent: CHECK seconds: 90 hit_count: 1 name: WHITELIST side: source mask: 255.255.255.255
all – anywhere anywhere state NEW recent: SET name: REPEAT side: source mask: 255.255.255.255
all – anywhere anywhere state NEW recent: SET name: DISCOVERED side: source mask: 255.255.255.255
LOG all – anywhere anywhere LOG level warning
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 1 name: ATTACKER side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 200name: REPEAT side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 300 hit_count: 100 name: REPEAT side: source mask: 255.255.255.255
fpbxshortblock all – anywhere anywhere recent: CHECK seconds: 60 hit_count: 50 name: REPEAT side: source mask: 255.255.255.255
ACCEPT all – anywhere anywhere

Chain fpbxregistrations (1 references)
target prot opt source destination

Chain fpbxreject (1 references)
target prot opt source destination
rejsvc-nfs all – anywhere anywhere
rejsvc-smb all – anywhere anywhere

Chain fpbxrfw (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere recent: CHECK seconds: 90 hit_count: 1 name: WHITELIST side: source mask: 255.255.255.255
all – anywhere anywhere recent: SET name: REPEAT side: source mask: 255.255.255.255
all – anywhere anywhere recent: SET name: DISCOVERED side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 10 hit_count: 50 name: REPEAT side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 1 name: ATTACKER side: source mask: 255.255.255.255
fpbxshortblock all – anywhere anywhere recent: CHECK seconds: 60 hit_count: 10 name: SIGNALLING side: source mask: 255.255.255.255
all – anywhere anywhere recent: SET name: SIGNALLING side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 100name: REPEAT side: source mask: 255.255.255.255
ACCEPT all – anywhere anywhere

Chain fpbxshortblock (2 references)
target prot opt source destination
all – anywhere anywhere recent: SET name: CLAMPED side: source mask: 255.255.255.255
REJECT all – anywhere anywhere reject-with icmp-port-unreachable

Chain fpbxsignalling (1 references)
target prot opt source destination
MARK udp – anywhere anywhere udp dpt:5160 MARK set 0x1
MARK udp – anywhere anywhere udp dpt:sip MARK set 0x1

Chain fpbxsmarthosts (1 references)
target prot opt source destination

Chain fpbxsvc-chansip (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:5160

Chain fpbxsvc-ftp (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:ftp

Chain fpbxsvc-http (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:http

Chain fpbxsvc-https (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:https

Chain fpbxsvc-iax (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:iax

Chain fpbxsvc-isymphony (1 references)
target prot opt source destination

Chain fpbxsvc-letsencrypt (0 references)
target prot opt source destination

Chain fpbxsvc-nfs (0 references)
target prot opt source destination

Chain fpbxsvc-pjsip (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:sip

Chain fpbxsvc-provis (3 references)
target prot opt source destination
fpbxratelimit tcp – anywhere anywhere tcp dpt:ctf

Chain fpbxsvc-provis_ssl (3 references)
target prot opt source destination

Chain fpbxsvc-restapps (2 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:xfer

Chain fpbxsvc-restapps_ssl (2 references)
target prot opt source destination

Chain fpbxsvc-smb (0 references)
target prot opt source destination

Chain fpbxsvc-ssh (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:ssh

Chain fpbxsvc-tftp (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:tftp

Chain fpbxsvc-ucp (4 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:81
ACCEPT tcp – anywhere anywhere tcp dpt:vcom-tunnel
ACCEPT tcp – anywhere anywhere tcp dpt:mcreport

Chain fpbxsvc-vpn (3 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:openvpn

Chain fpbxsvc-webrtc (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:radan-http
ACCEPT tcp – anywhere anywhere tcp dpt:8089

Chain fpbxsvc-xmpp (3 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:xmpp-client

Chain fpbxsvc-zulu (4 references)
target prot opt source destination

Chain rejsvc-nfs (1 references)
target prot opt source destination

Chain rejsvc-smb (1 references)
target prot opt source destination

Chain zone-external (1 references)
target prot opt source destination
MARK all – anywhere anywhere MARK or 0x10
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-vpn all – anywhere anywhere
fpbxsvc-xmpp all – anywhere anywhere

Chain zone-internal (0 references)
target prot opt source destination
MARK all – anywhere anywhere MARK or 0x4
fpbxsvc-ssh all – anywhere anywhere
fpbxsvc-http all – anywhere anywhere
fpbxsvc-https all – anywhere anywhere
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-pjsip all – anywhere anywhere
fpbxsvc-chansip all – anywhere anywhere
fpbxsvc-iax all – anywhere anywhere
fpbxsvc-webrtc all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-isymphony all – anywhere anywhere
fpbxsvc-provis all – anywhere anywhere
fpbxsvc-provis_ssl all – anywhere anywhere
fpbxsvc-vpn all – anywhere anywhere
fpbxsvc-restapps all – anywhere anywhere
fpbxsvc-restapps_ssl all – anywhere anywhere
fpbxsvc-xmpp all – anywhere anywhere
fpbxsvc-ftp all – anywhere anywhere
fpbxsvc-tftp all – anywhere anywhere

Chain zone-other (0 references)
target prot opt source destination
MARK all – anywhere anywhere MARK or 0x8
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-provis all – anywhere anywhere
fpbxsvc-provis_ssl all – anywhere anywhere
fpbxsvc-vpn all – anywhere anywhere
fpbxsvc-xmpp all – anywhere anywhere

Chain zone-trusted (4 references)
target prot opt source destination
ACCEPT all – anywhere anywhere


(Itzik) #13

What happens when you go to that IP:84 from the same network the phone is on?


(Felotus) #14

To the IP of the freeppx installation on port 84? It’s accessible and asks for a username / password


(Itzik) #15

The WAN IP


(Felotus) #16

I’m not sure what you mean, we don’t really have an on-site IT infrastructure, only cloud installations so all we have in house is a router and the Sangoma phones are meant to be connected to our cloud installation of FreePBX


(system) closed #17

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.